Migration from PA3020 to VM-200

Hallo,

I'm facing a migration process from PAN-3020 with two vsys (vsys1 and vsys2) to VM-200 without vsys. I'm trying to use Migration Tool but I'have problems with migrating objecst - addresses, services because they are under vsys1, vsys2 and shar

Failed to add correlation object 601x

This morning, I've received the following alerts from both of our PA-3050 firewalls:

Failed to add correlation object 6011

Failed to add correlation object 6012

Failed to add correlation object 6013

Failed to add correlation object 6014

Failed to add cor

Reliable Threat Feed with lowest false positive for Production Environment

I am wondering, which threat feed is most reliable with lowest false positive that can be used in production environment.

Does anyone have done analysis on it?  Which one is most commonly threat feed used by customer in production environment? Does

Error reading last checkpoint

Hi everyone,

I am facing an issue that floods my output SIEM a little to often. The issue seems to be that the miner node is unable to register where it left of during the last check. Any tips on solving this?

Oracle Web Cache/Proxy fails when behind Palo Alto Firewall

I have a situation where by when an Oracle Web Cache server is placed behind a PA firewall, the application takes time to load or fails in some cases. The design is as followins;

Windows 7 Client --> Routers  --> PaloAlto Firewall --> Radware Loadbala

MineMeld Docker

I started building out a very simple dev (read: unhardened) docker build for MineMeld here: https://github.com/swannysec/MineMeldDocker

Looks like it won't start up correctly inside a container and I think it might be related to the use of UNIX soc

rsyslogd dependencies problem

Hi Luigi,

I was testing stdlib.localSyslog to correlate paloalto logs with indicator following this article https://live.paloaltonetworks.com/t5/tkb/articleprintpage/tkb-id/MineMeldArticles/article-id/11

But I was unable to make it work. After a

Link types for HA

I have a client who wants to split their PA3020 HA cluster between 2 datacenters.   What are the limitations for the HA1/HA2 interfaces in terms of distance, and network latency for active/passive HA to work cleanly.  On a 3020 can HA1/HA2 functional

BGP Multiple ISP VR Requirements

I'm attempting to wrap my head around a very critical piece of setting up BGP between 2 ISP's concerning how many Virtual Routers are required.

I currently have 1 ISP (A) up and running on BGP just fine and my other ISP (B) will be converted to BGP o

Application Filter Traffic Reports

Is it possible to view traffic related to a specific application filter through the "Monitor" tab? For example, if I setup an application filter for the "gaming" subcategory, can I view the related traffic without specifying each application individu

Port scan and sweep scan

Hi,
How to block Portscanning
Or atleast log
Thanks

active/active vpn query.

Hi Team,

Case no: 00567829

I have a customer, who have active/active set up.
He had configured a vpn with the floating ip.

The vpn is working fine. No issues with that but he is getting system alert message on the active/secondary device about the phase1